Lucene search
K

6 matches found

Prion
Prion
added 2008/01/25 1:0 a.m.39 views

Code injection

curl/interface.c in the cURL library aka libcurl in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safemode and openbasedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563...

5CVSS6.3AI score0.05575EPSS
Exploits2References28Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.38 views

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-2039)

the CURL module lacked checks for control characters CVE-2006-2563 - strrepeat contained an integer overflow - ext/wddx contained a buffer overflow - memorylimit lacked checks for integer overflows - a bug in sscanf could potentially be exploited to execute arbitrary code CVE-2006-4020 - an...

4.6CVSS6.2AI score0.02011EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.40 views

SUSE-SA:2006:052: php4,php5

The remote host is missing the patch for the advisory SUSE-SA:2006:052 php4,php5. Various security problems have been fixed in the PHP script language engine and its modules, versions 4 and 5. The PHP4 updated packages were released on September 12, the PHP5 update packages were released on...

9.3CVSS6.5AI score0.06357EPSS
Exploits3
securityvulns
securityvulns
added 2006/05/30 12:0 a.m.46 views

cURL Safe Mode Bypass PHP 4.4.2 and 5.1.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 cURL Safe Mode Bypass PHP 4.4.2 and 5.1.4 Author: Maksymilian Arciemowicz cXIb8O3 Date: - -Written: 15.5.2006 - -Public: 27.5.2006 from SECURITYREASON.COM CVE-2006-2563 - --- 0.Description --- PHP is an HTML-embedded scripting language. Much of its...

2.1CVSS0.00408EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2006/05/29 4:2 p.m.31 views

CVE-2006-2563

The cURL library libcurl in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters...

2.1CVSS5.9AI score0.00408EPSS
Exploits1References2
CVE
CVE
added 2006/05/29 4:0 p.m.76 views

CVE-2006-2563

The connected sources provide concrete details for CVE-2006-2563 and related entries: libcurl used by PHP (PHP 4.4.2 and 5.1.4 per CVE-2006-2563) can bypass safe_mode and open_basedir restrictions when a file:// URL containing a null character is processed, allowing reading of restricted files. T...

2.1CVSS6.1AI score0.00408EPSS
Exploits1References13Affected Software1
Rows per page
Query Builder